Illegal access to our data by law enforcement needs to be prosecuted

Telecommunications metadata was illegally accessed almost as soon as the Telecommunications (Interception and Access) Amendment (Data Retention) Bill came into force. Now the government wants new powers to force companies to put in back-doors into electronic devices, and it puts all of us at risk.

The federal government, after assuring that appropriate checks and balances were in place to protect freedom of speech, were quickly found to have had insufficient protection against unauthorised access of metadata.

In early 2017, an AFP agent accessed the call records of a journalist without a warrant (warrants are required to access metadata in a select few cases, including for journalists, while the vast majority of our metadata can be accessed without a warrant). Commissioner Andrew Colvin said the agent had no “ill will or bad intent”. It is good to know that the AFP is hiring nice people. It is deeply concerning however, that the process intended to protect our individual rights (the requirement of a warrant) was so easily thwarted by someone in the AFP incompetent enough to allow illegal access. The curators of this data must be held to a higher standard than that of the average citizen.

Given that the metadata retention laws were freely broken without any consequence for the employees of the organisation that broke it, we can be fairly sure that this new law’s penalties for illegal access will also be unlikely to be punished. Access to devices and the ability to remote control them come with huge responsibility and is of national security importance. There clearly is not sufficient disincentive in organisations like the AFP to prevent agents from accessing information or to prevent systemic access failures.